As point of sale systems, credit card protections and other security software adapt to the constantly changing market, so are hackers.
Cyber criminals are becoming increasingly aware of the methods point of sale vendors use to prevent data breaches. A new type of hack targets specific vendors instead of broader breaches, according to Computer World.
Hackers sent emails to specific vendors impersonating small businesses such as boutiques and restaurants. The email included fake issues a hacker was having as well as an attachment of their business card.
The business card was actually a malicious word document capable of stealing passwords and digital certificates, logging key strokes, taking screen shots and enabling remote desktop access.
Researchers from FireEye concluded that the attempted breach was a well-known computer Trojan known as Vawtrak. Although it used a Microsoft document, the infrastructure of the hack is similar to that of Poseidon, a recent malware program that attacks POS terminals.
An attack like this is known as spear-phishing. Often associated with advanced persistent threats (ATPs), these hacks are known for their longevity and long-term effect.
A breach in your POS system is not the only way that a hacker can steal customer and company information. Be aware of suspicious emails and phone calls to your place of employment. Although hackers can be persuasive, never give out personal information, especially passwords, to strangers.
Simply opening a malicious email can cause a security breach of great proportions. Never open attachments from unknown senders.
Visual Retail Plus has a range of security features for your protection and peace of mind. Our products also include purchase order options, reporting and inventory features. Visit our website for more information.